Earticle

Fingerprint authentication systems have been widely deployed in both civilian and government applications, however, whether fingerprint authentication systems is security or not has been an important issue under fraudulent attempts through artificial spoof fingerprints. In this paper, inspired by popular feature descriptors such as gray level co-occurrence matrix (GLCM) and Gradient (difference matrix (DM)), we propose a novel software-based fingerprint liveness detection algorithm called difference co-occurrence matrix (DCM). In doing so, quantization operation is firstly conducted on the images. DMs are constructed by calculating difference matrices of horizontal and vertical pixel values of images; difference co-occurrence arrays are constructed from the difference matrices between adjacent pixels. To reduce the influence of abnormal pixel values, truncation is used for DMs. Then, we compute four parameters (Angular Second Moment, Entropy, Inverse Differential Moment and Correlation) used as feature vectors of fingerprint images. For the first time in the fingerprint liveness detection, we construct eight difference co-occurrence matrices and extract texture features from processed DCMs. Finally, SVM classifier is used to predict classification accuracy. The experimental results reveal that our proposed method can achieve more accurate classification compared with the best algorithms of 2013 Fingerprint Liveness Detection Competition, while being able to recognize spoofed fingerprints with a better degree of accuracy.

Fingerprint-based recognition systems have been widely deployed in numerous civilian and government applications. However, the fingerprint recognition systems can be deceived by using an accurate imitation of a real fingerprint such as an artificially made fingerprint. In this paper, we propose a novel software-based fingerprint liveness detection algorithm based on gray level co-occurrence matrix (GLCM), from which we can calculate the texture features of fingerprint images and obtain satisfactory results. For the first time, we extract texture features by constructing four-direction GLCMs in an image, and then quantization operation and normalization operation are adopted. After these, we detected whether a fingerprint image belongs to a real fingerprint or an artificial replica of it. A trained RBF SVM (support vector machine) classifiers scheme is used to make the final live/spoof decision via training and testing feature vectors. The experimental results reveal that our proposed method can discriminate between live fingerprints and fake ones with high classification accuracy.

WSN (wireless sensor network) is widely applied in environmental monitoring, assets tracking, battlefield monitoring and smart building. Since nodes in WSN are constrained by finite battery power and operational capability, it will have the direct effects on the lifetime of whole network. Well-designed routing protocols could make network succinct and efficient. In order to prolong the overall lifetime of WSN, lots of clustering algorithms have been proposed. Most of them are based on LEACH and proved energy-efficient, but few are implemented in real systems. CTP (collection tree protocol) has been extensively used in many systems and provides a reliable protocol for data collection. However, it neither considers energetic balance nor follows clustering feature. In this paper, we propose an efficient routing protocol by improving the CTP, adding clustering and centrally controlled features. Furthermore, we introduce a lightweight method of command distribution and some implementation technologies of clustering based on CTP. The related experiments that carried on TelosB demonstrate that our scheme is outstanding in lifetime and efficiency.

In wireless sensor networks, the main work of nodes is for data collection and transmission. CTP (Collected Tree Protocol) had been widely applied, and proved to be reliable, robust, efficient data collection protocol. Its independent with hardware and the data delivery rate is relatively high, but CTP also has some shortcomings: the protocol only relied on the ETX value of next hop node selection, there need other factors to consider. In the original CTP protocol, the energy consumption of a node with a better ETX value was too fast. It would cause the whole network time decreased quickly. Then, the node with better ETX value may have low package rate, and would affect the delivery rate of the whole networks. This paper was aimed at this two aspects of CTP, based on the original CTP, the probability of selection mechanism was introduced, proposed ACTP, lead the node load equilibrium and improved the delivery rate. Through the experimental data of TelosB nodes in real analysis, we had improved the whole network time and increased the number of successful packets delivery.

With the emergence of cloud computing, many data owners outsource their local data to cloud server so as to enjoy high-quality data storage services. For the protection of data privacy, sensitive data has to be encrypted before outsourcing, which makes effective data utilization a challenging task. Although existing searchable encryption technologies enable data users to conduct secure search over encrypted data, the functionality of these schemes need to be further improved. In this paper, we construct a secure and efficient multi-keyword ranked search scheme which supports both the semantic extension search and the multi-keyword ranked search. The semantic extension is achieved through the mutual information statistical analysis of keywords. And the multi-keyword ranked search is achieved through a balanced binary tree whose nodes are the vectors of term frequency (TF) values. The splitting operation and secure transformation are utilized to encrypt the vectors of index and query. Note that, the encrypted vectors can be well used to calculate accurate relevance scores. Phantom terms are added to the index vector to blind the search results to resist statistical attacks. Due to the use of tree-based index structure, the proposed scheme can achieve the sub-linear search time. Finally, the experiments are conducted to demonstrate the efficiency of the proposed scheme.

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising cryptographic tool to implement access control for secure cloud storage systems. However, most existing access control schemes based on CP-ABE for the multi-authority cloud storage systems rely on a fully trusted global certificate authority. It is just an ideal assumption while there never exists a fully trusted global certificate authority in reality. In this paper, we construct a system with multiple certificate authorities (CA). The parameters of those CAs could be verified when an authority suspects the messages received from the correlative certificate authority. Besides, we construct a verifiable secret sharing (VSS) scheme to realize the decentralization of the certificate authority in our scheme. The scheme adopts the Pedersen commitment in combination with the properties of bilinear-pairs on elliptic curve and bilinear Diffie-Hellman problem. The analysis shows that our scheme is highly efficient, authentic and provably secure under the security model. Our scheme simultaneously supports efficient attribute revocation.

The protocols of Wireless Sensor Networks (WSNs) can be categorized into two classes: proactive network protocol like CTP and reactive network protocol like TEEN. The former periodically collects data, working well in the applications of collecting data persistently. However, it can’t dynamically alter the transmission frequency and the routing selecting strategy. The latter can react to the environment change, so it is widely used in the applications requiring nodes to be reactive to some emergencies. But it only works in reactive networks without collecting data under normal circumstance. We find that dynamically altering the transmission frequency and the routing selecting strategy according to the environment change is very effective and significant. For the reasons above, this paper presents TDRHN protocol. It periodically collects data in normal situation and can not only take faster transmission frequency but also alter the routing selecting strategy when it detects some emergencies. So TDRHN can effectively work in hybrid networks combining proactive networks and reactive networks. Finally, we evaluate TDRHN on the testbed with TelosB motes in real deployment. The concluded results of the experiments demonstrate that TDRHN has some particular advantages.

Localization systems have been identified as key issues in the development and operation of wireless sensor networks. The global positioning system (GPS) solves the problem about localization, but it is not suitable for wireless sensor networks. Due to range-free localization approaches requiring low equipped hardware and easy to implement, it is widely used in WSNs localization system. When the node communication radius increases, the accuracy of area-based localization is reduced. It is important to improve the localization accuracy in this situation. In this paper, to improve the accuracy of the node localization, we propose a new range-free localization using Voronoi diagrams based approximate point-in-triangulation test (APIT) algorithm. We compare our algorithm with APIT. Simulation results show that the VPIT improved the precision of localization by narrowing the node's geometry region.

Attribute-Based Encryption (ABE) is a promising cryptographic primitive to implement access control for secure data storage in the cloud. Since the data owner may frequently change the access policies defined in the ciphertext, it is significant to provide the capacity for dynamic policy updating. However the cloud should also authenticate the owner because the adversary may modify the access policies of the files in the cloud to prevent the legal users from accessing them. In this paper, we focus on the owner’s authentication in the ABE systems and propose a novel scheme which enables access control with authenticated dynamic policy updating in the cloud. We adapt the Pedersen commitment and Zero Knowledge Proof of Knowledge (ZKPK) to realize the anonymous authentication of the owner’s policy updating key without increasing any secret information to the owner side. The analysis shows that our scheme is authentic and efficient as well as adaptive to different types of access policies.

With the growing popularity of cloud computing, more and more data owners are willing to outsource their data to the cloud. However, private data should be encrypted before outsourcing for security requirements, which obsoletes data utilization like content-based image retrieval. In this paper, we propose a secure similarity image search scheme, which allows data owners to outsource their encrypted image database to the cloud server without revealing the real content of images. The proposed scheme supports both global and local feature based image retrieval under various distance metrics, such as earth mover's distance. Firstly, the data owner extracts either global features or local features from images to represent the images. Then, these features are used to generate a searchable index. Finally, both image database and searchable index are encrypted before outsourcing to the cloud server. When a query image coming, the data user extracts feature from the query image and generates the search trapdoor. The trapdoor is then sent to the cloud server and used to compare the similarity with the searchable index. Extensive experiments are conducted to show the efficiency and applicability of our proposed similarity image search system.

Link quality estimation (LQE) is an effective basic building block in wireless sensor networks (WSNs) and higher cross layer design of network protocol. Some researchers have investigated the statistical properties of the link quality estimators independently from higher-layer protocols, and their impact on the Collection Tree Routing Protocol (CTP). Then they set up a dedicated LQE, independent of the protocol interface, which has in total of four bits information: one from the physical layer, one from the link layer, and two from the network layer. Four-bit has been found to be a good estimator; however its performance heavily depends on the tuning of its parameters. But we found that Four-bit couldn’t be working effectively in responding to the burst situation after repeated experiments. So we redesigned the link estimation method, called Stable Link Quality Estimation (SLQE), which combines active probing with passive snooping to make estimation more stable. We have found that the new design can cope with the emergency. Moreover it also enhances the robustness of the network, and saves the overall energy consumption of the network.

Wireless sensor networks hold the promise of facilitating large-scale and real-time data processing in complex environments, therefore the security is a critical issue that must be resolved. In order to prevent attacks by adversaries with fake identities, we propose a secure data transmission scheme based on information hiding technique. Firstly, one superficial change made to the beacon message of original CTP is to mark the unique identity infor-mation of a sensor node. Secondly, sensitive information is uniformly and randomly embed-ded into the ordinary data by using the space-efficient randomized data structure characteris-tic of Bloom Filter. Experimental results and performance analysis demonstrate that the pro-posed scheme can efficiently detect the malicious node with fake identities through the sensi-tive information. On the other hand, our scheme can protect the sensitive information without affecting the transmission and usability of the ordinary data.

With the development of cloud computing, the sensitive information of outsourced data is at risk of unauthorized accesses. To protect data privacy, the sensitive data should be encrypted by the data owner before outsourcing, which makes the traditional and efficient plaintext keyword search technique useless. Hence, it is an especially important thing to explore secure encrypted cloud data search service. Considering the huge number of outsourced data, there are three problems we are focused on to enable efficient search service: multi-keyword search, result relevance ranking and dynamic update. In this paper, we propose a practically efficient and flexible searchable encrypted scheme which supports both multi-keyword ranked search and dynamic update. To support multi-keyword search and result relevance ranking, we adopt Vector Space Model (VSM) to build the searchable index to achieve accurate search result. To improve search efficiency, we design a tree-based index structure which supports insertion and deletion update well without privacy leakage. We propose a secure search scheme to meet the privacy requirements in the threat model. Finally, experiments on real-world dataset are implemented to demonstrate the overall performance of the proposed scheme, which show our scheme is efficient.

Cloud storage enables users to outsource their data to cloud servers and enjoy the on-demand services. However, this new paradigm also introduces integrity threats toward user’ outsourced data. This paper develops an efficient auditing mechanism, which support batch auditing for multiple data files in multi-cloud environment. By constructing a sequence-enforced Merkle Hash Tree, the proposed protocol can resist the replace attack. By using the bilinear map, the proposed protocol achieves stateless and transparent verification. By putting the computation of intermediate values of the verification on cloud servers, our method can greatly reduce the computing burden of the auditor. The performance analysis proves the good efficiency of the proposed protocol.

With the increasing popularity of cloud computing, more and more sensitive or private information has been outsourced onto the cloud server. For protecting data privacy, sensitive data usually has to be encrypted before outsourcing, which makes traditional search techniques based on plaintext useless. In response to the search over encrypted data, searchable encryption is a good solution in Information Security. However, most of existing searchable encryption schemes only support exact keyword search. That means they don’t support searching for different variants of the query word, which is a significant drawback and greatly affects data usability and user experience. Recently, a fuzzy keyword search scheme proposed by some researchers aims at addressing the problems of minor typos and format inconsistence but couldn’t solve the problem above. In this paper, we formalize the problem of semantic keyword-based search over encrypted cloud data while preserving privacy. Semantic keyword-based search will greatly improves the user experience by returning all the documents containing semantically close keywords related to the query word. In our solution, we use the stemming algorithm to construct stem set, which reduces the dimension of index. And the symbol-based trie is also adopted in index construction to improve the search efficiency. Through rigorous privacy analysis and experiment on real dataset, our scheme is secure and efficient.

With the rapid development of the Internet, getting shared resource on the network is becoming more easy, and various plagiarize is becoming to breed, so the research of text copy detection technology is becoming more important. The traditional copy detection technology is based on term frequency statistics, and does not consider the context semantic. Some plagiarism can be easily made by replacing synonyms, changing the sentence structure, or translating from one language to another language. But the traditional copy detection technology could not detect such plagiarism. In this paper, a text copy detection method based on semantic is proposed. By using an improved TFIDF algorithm, terms could be more accurately extracted from each document in the corpus. By putting the documents corresponding to the terms one by one, a terms category is built in the database. When a document is detecting, the terms are read from the database and matched. The testing results show that, compared to the traditional TFIDF algorithm, the improved method could more accurately detect the plagiarism.